Thanks for your feedback! I have some daemons that only communicate by TCP. I would like to be able to make indirect calls to the local portmap daemon for calling my tools.
RFC 1831 says (in the context of indirect calls): the portmap communicates with the remote program using UDP. Could I infer that I may add support for indirect communication using TCP without violating the standard? I am worried, too, about the security implications this "patch" could open.

2006/1/19, Theo de Raadt <[EMAIL PROTECTED]>:
> > I have been playing around with openbsd portmap. I am confused about
> > the fact that if a program is registered above port 1024 any local
> > user may remove it, right?
>
> Yes.
>
> > Does it sound good from a security point of view?
>
> It's not that great, but unfortunately there is no solution to this
> problem. It is a bad design.
>
> I've spent a lot of time working on RPC, making it more secure. There
> are many other restrictions for safety in our RPC and portmap code,
> but there is no real solution to this.

